I am new to Zeroshell and apologize in advance if the answers to my questions have already been posted to the Forum.

We have set up a workstation in my office with 3 NIC cards. We have 2 PCI and 1 onbourd NIC.We are currently using Release 1.0 Beta 12 . From what I have read on this forum , QOS and Net Balancing are glitchy and have made sure not to enable QOS.

The issue we are running into is that the Failover is not working properly, I keep receiving Fauts everytime I switch between the interfaces.Below is my current setup.

We are trying to setup load balancing between a DSL connection and a Cable connection. Whenever We have the failover monitor in place, the DSL connection fails. In the routing table, the default gateway shows that all traffic should be going out the connection for the DSL connection, but when I try to run a trace route or ping a public IP address it doesn’t work.

Traffic is getting stopped at the WAN Port on the Zero Shell server for the DSL connection.

If I were to ping a device that is past the WAN Port for the DSL connection, it is successful. I don’t know what the problem is. I can provide tracerts and IP addressing if you need.

My company is an Internet service provider. We provide DSL and T1 lines to various customers. While we are troubleshooting this issue, we are using DSL service that we provide. So the connection from our Core router goes out through the connection to our DSL vendor and then in through a phone line into our office and into a3Com 3030 router. We then have the LAN-side of this 3Com 3030 router going into one of the WAN ports of the Zero Shell server.

The DSL router is supposed to take the traffic from ZeroShell and send it out to the internet and then back, but according to the tracert above, ZeroShell isn’t sending the traffic to the DSL router. 10.104.117.2 is the WAN IP address of the ZeroShell server that connects to the LAN-side of the DSL router.

When I try to ping my core router and the 3Com 3030 router from a workstation on the LAN 10.150.1.x network, pings are successful, but whenever I try to access a website on the internet through the DSL connection it fails at the ZeroShell connection.

I only have NAT turned on for the Cable connection. Our DSL connection has NAT performed on the firewall that is directly in front of the Core router.

Your ZS routing table is wrong. In the Default Gateway line you should also have the gateway IP address (10.104.117.1 I think). The way you have it is for p2p links, while you are on a routed network, so the router should know the IP to hit.

Thanks for the assistance. I was unable to specify the output interface and the IP address of the default gateway (10.104.117.1), but I was able to just put in the default gateway and that seemed to have fixed the routing issue we had.

Now I am trying to figure out what is needed in regards to DNS.

We currently have our DNS servers specified as the forwarders for our client’s DNS servers. In the event of a WAN link failure that we provide (DSL or T1), the clients will not be able to resolve websites to IP addresses.

I am aware of the fact that we can set DNS forwarders on the ZS box and then have our clients use the IP address of the ZS box as their DNS forwarder. My question for this is, is there a way to provide failover for this DNS function? I’d like to make it so that when our WAN link is up (DSL or T1), ZS will forward DNS requests to our Primary and Secondary DNS servers, but when those WAN links are down, we would like ZS to forward DNS requests to a DNS server out on the internet (for example, OpenDNS).

Although I guess that when your WAN links are down DNS will be the least problem of your clients, you can always add many DNS servers in the forwarders list, starting with your own and finally using OpenDNS.

Is there any way to configure the http proxy to specify a different IP address and port number? I am trying to incorporate this ZeroShell router into a network with a filtering system that requires proxy settings on all the workstations. If ZeroShell can automatically redirect all HTTP web requests to the filtering system instead of having to put the proxy settings on the workstations, that would significantly help us deploy this across all of our clients. Thanks.

I’m just not that familiar with this software to be able to do this on my own. How would I go about setting this up?

What information do you need from me in order to assist me? Our proxy server on this network segment is 10.150.1.3 with port number 8080. Our ZeroShell server has IP address 10.150.1.1 on the LAN and it has two WAN ports, one of them has a static IP address that connects to a DSL line that my company provides ISP services to. The WAN IP address on the ZeroShell server for that connection is 10.104.117.2 and the other WAN connection connects to a third-part Cable ISP provider and it receives an IP address through DHCP. Thanks.

Thanks for the info. I’m assuming I need to type this in the Shell Prompt, correct? (Command Menu, Option S for Shell prompt)

How would I remove these commands if I needed to? I might be installing this server at a client’s location on Thursday and I would need to remove these settings and change the IP addresses of the interfaces since the client has a different IP range. Thanks.

Thanks I’ll test that out today. Does ZeroShell support SNMP? If so, how would I go about configuring it? We use What’s Up Gold for monitoring purposes, and would love to be able to monitor the ZeroShell Server. Thanks.